Re: Block Code Red with ACLs [7:14967]

Geoff, Thats exactly the method that was mentioned earlier...The solution they have proposed is designed to work in conjunction with the Microsoft patch to block the Code Red HTTP GET requests at a network ingress point. It looks for keywords and blocks if it finds a match. Here is an exa

Re: Block Code Red with ACLs [7:14967]

There is no method sufficiently granular to stop Code Red or CodeRed II using ACLs without blocking all related non-attack traffic... what you really need is a stateful firewall that can block http GET requests that contain "default.ida". Geoff Zinderdine CCNP MCP CCA MTS Communications --- will

Re: Block Code Red with ACLs [7:14967]

Let me explain... 1) the methodoly used is a subset of NBAR called "class based marking feature", which is available in ver 12.1(5)T or higher... 2) you must enable cef before you configure NBAR go to the following link for more info http://www.cisco.com/univercd/cc/td/doc/product/software/ios12

Re: Block Code Red with ACLs [7:14967]

How would you block code red with CEF and NBAR? On Sun, 5 Aug 2001 19:28:10 -0400, Santosh Koshy wrote: > Depends on your edge router you need a router that supports CEF & > NBAR (3600, 7000, e.t.c.) with IOS 12.1(5) T or higher > > Thanks, > Santosh > > ""Russ Kreigh"" wrote

Re: Block Code Red with ACLs [7:14967]

Depends on your edge router you need a router that supports CEF & NBAR (3600, 7000, e.t.c.) with IOS 12.1(5) T or higher Thanks, Santosh ""Russ Kreigh"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=149

Block Code Red with ACLs [7:14967]

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=14967&t=14967 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]